pnpm Package-Manager Supply-Chain Advisory Batch
pnpm disclosed a cluster of package-manager vulnerabilities affecting lockfile integrity, Git dependency fetching, repository registry configuration, patch application, and symlink creation; responders should inventory vulnerable pnpm versions and review credential-bearing install paths.
- Signals
- 26
- Last updated
- 2026-06-27
- Hunting
- Has script